Reliability and Maintainability (R&M) Objectives Hierarchy

R&M Objectives Hierarchy – Top Level

Top Objective: System performs as required over the lifecycle to satisfy mission objectives

Context:
  - Expectations derived from crew safety, MMOD concerns, facility safety, public safety, mission objectives, sustainment, …, considerations and associated risk tolerance
  - System/function description and requirements, including design information and interfaces
  - Reference mission
  - Range of nominal / off-nominal usage and conditions/environments

Strategy: Prevent faults and failures, provide mitigation before/after capabilities as needed to maintain an acceptable level of functionality considering safety, performance, and sustainability objectives

Sub-Objectives:
  (1) System conforms to design intent and performs as planned
  (2) System remains functional for intended lifetime, environment, operating conditions and usage
  (3) System is tolerant to faults, failures and other anomalous internal and external events
  (4) System is designed to have an acceptable level of availability and demands

R&M Hierarchy – Sub-Objective 1

Objective (1): System conforms to design intent and performs as planned
Context: All other non-R&M centered verification and validation activities

  Strategy (1.A): Verify and validate nominal functionality
    Objective (1.A.1): Nominal functionality at each level of the system has been verified and validated, including hardware and software design compatibility
      Strategy (1.A.1.A): Demonstrate to an acceptable level that the functionality of the system meets the design intent

  Strategy (1.B): Test and inspect adequately to identify and resolve faults, issues and defects
    Objective (1.B.1): Faults, defects, or other latent issues have been found as part of the testing/inspection process
      Strategy (1.B.1.A): Test, inspect, and demonstrate to an acceptable level to ensure that issues are found
      Strategy (1.B.1.B): Identify causes of anomalies
    Objective (1.B.2): All issues are resolved or closed out to an acceptable level of risk
      Strategy (1.B.2.A): Track, address, and trend issues via a closed loop problem resolution process

  Strategy (1.C): Achieve high level of process reliability
    Objective (1.C.1): Built system and its components do not contain flaws/faults that reduce ability to withstand loads and stresses
      Strategy (1.C.1.A): Select appropriate quality components and materials
      Strategy (1.C.1.B): Perform process reliability reviews to ensure consistency of reliability design processes with interdependent analyses
      Strategy (1.C.1.C): Establish and verify processes and handling criteria
      Strategy (1.C.1.D): Screening, proof testing and acceptance testing

R&M Hierarchy – Sub-Objective 2

Objective (2): System remains functional for intended lifetime, environment, operating conditions and usage
Context: Description of operating environment, including static, cyclical, and randomly varying loads

  Strategy (2.A): Understand failure mechanisms, eliminate and/or control failure causes, degradation and common cause failures, and limit failure propagation to reduce likelihood of failure to an acceptable level
    Objective (2.A.1): System and its elements are designed to withstand nominal and extreme loads and stresses (radiation, temperature, pressure, mechanical, …) for the life of the mission
      Strategy (2.A.1.A): Apply design standards to incorporate margin to account for variable and unknown stresses
      Strategy (2.A.1.B): Evaluate and control nominal stresses and related failure causes
      Strategy (2.A.1.C): Evaluate and control potential for extreme stresses and related failure causes
      Strategy (2.A.1.D): Perform qualification testing and life demonstration to verify design for intended use
    Objective (2.A.2): System or its elements are not susceptible to common-cause failures
      Strategy (2.A.2.A): Evaluate and control coupling factors and shared causes between redundant (or dependent) components

  Strategy (2.B): Assess quantitative reliability measures and recommend or support changes to system design and/or operations
    Objective (2.B.1): System and its components meet quantitative reliability criteria
      Strategy (2.B.1.A): Determine reliability allocation
      Strategy (2.B.1.B): Estimate reliability based on applicable performance data, historical data of similar systems, and/or physics-based modeling
      Strategy (2.B.1.C): Support design trades based on reliability analysis
      Strategy (2.B.1.D): Plan and perform life testing
      Strategy (2.B.1.E): Track and monitor reliability performance over time

R&M Hierarchy – Sub-Objective 3

Objective (3): System is tolerant to faults, failures and other anomalous internal and external events
Context: Hardware and software interactions and interfaces

  Strategy (3.A): Assure that system includes necessary barriers and mitigations to keep anomalous events from compromising the ability to meet mission objectives
    Objective (3.A.1): System has multiple means of accomplishing functions that are critical to mission objectives including safety expectations
      Strategy (3.A.1.A): Provide similar or dissimilar functional redundancy
    Objective (3.A.2): Physical and functional pathways for fault propagation or combination are limited
      Strategy (3.A.2.A): Separate redundant paths functionally and physically
      Strategy (3.A.2.B): Isolate and contain faults
      Strategy (3.A.2.C): Evaluate and control shortest path to worst case effects (e.g. hazardous events)
    Objective (3.A.3): System is able to recover from anomalies affecting functions that are important to top-level expectations
      Strategy (3.A.3.A): Provide fault management (detection, active isolation, recovery) capabilities
    Objective (3.A.4): System can degrade or lose functions without significantly impacting top-level expectations (through contingency operations)
      Strategy (3.A.4.A): Plan contingency or other off-nominal operations

R&M Hierarchy – Sub-Objective 4

Objective (4): System has an acceptable level of maintainability and operational availability

  Strategy (4.A): Evaluate, control, and monitor the ease of maintaining, restoring, or changing system capability and total maintenance demands
    Objective (4.A.1): Maintenance and repair activity can be performed within available resources (cost, time)
      Strategy (4.A.1.A): Design to facilitate on-orbit and ground maintenance and check out
      Strategy (4.A.1.B): Design to minimize maintenance complexity for reduction of maintenance time and training requirements
      Strategy (4.A.1.C): During design, consider tool selection, transport, stowage, ease of use, and criticality as well as complexity of robotic maintenance capability where feasible
      Strategy (4.A.1.D): Use standardization to limit the number of feasible design options and encourage the use of common items, procedures, processes, tools, etc.
      Strategy (4.A.1.E): Design the system to accommodate future technology or changes in application
      Strategy (4.A.1.F): Design for physical and functional interchangeability with other like components and assemblies in the system
      Strategy (4.A.1.G): Incorporate modular designs to facilitate remove-and-replace maintenance actions and allow flexibility in the design
    Objective (4.A.2): System design allows for reconfiguration, upgrade, or growth opportunities during the mission
      Strategy (4.A.2.A): Identify and optimize the testability and diagnostics characteristics to support the maintainability requirements
      Strategy (4.A.2.B): Perform maintainability simulation and analysis as needed to support design and logistic support analysis
      Strategy (4.A.2.C): Develop test-point-design strategies to minimize access time and system intrusion
      Strategy (4.A.2.D): Design-in self-diagnostics for assemblies to minimize maintenance/recovery time and false alarms
    Objective (4.A.3): Maintainability performance is validated and optimized during operations based on available maintenance data
      Strategy (4.A.3.A): Establish capabilities and processes to collect and store operational history, health status, degradation, diagnostic, and maintenance data
      Strategy (4.A.3.B): Incorporate fault detection/isolation/recovery at the lowest practical level to support the maintainability requirements
      Strategy (4.A.3.C): Provide demonstration testing to verify ‘detect, diagnose, isolate’ capability of systems and confirm corrective and preventive maintenance task and analysis
    Objective (4.A.4): System provides clear indication of health status, degradations, and diagnostic information
      Strategy (4.A.4.A): Perform RCM (on orbit/ground support systems) during design to optimize the design for maintainability over the design life via maintenance activities
      Strategy (4.A.4.B): Periodically analyze test and operational history, health status, degradation, diagnostic, and maintenance data to determine maintainability performance and trends
      Strategy (4.A.4.C): Periodically review and update maintenance strategy and activities
      Strategy (4.A.4.D): Ensure availability of data to future programs and projects